Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
795
Views
0
Helpful
4
Replies

Pinging a HTTP server in a private network from PC in the same network

WMasla
Level 1
Level 1

ā€Ž06-15-2023 11:40 AM

WMasla_0-1686853291266.png

We have the following situation.

We want to ping Server0 from PC0 using the address www.site.com. Router2 has a static NAT for Server0 giving it public ip 10.0.0.3. DNS Server - Server1 holds a class A record, which for www.site.com returns 10.0.0.3. If we ping www.site.com from PC1, everything works fine, but if we ping from PC0, we get in the DNS response the address 10.0.0.3, so now the try to ping 10.0.0.3, which won't work. Is there a way to configure Router2 so that either we translate address in DNS response or we are able to ping Server0 from PC0 using address 10.0.0.3?

Project file is in the zip package.

Labels:
NAT.zip
0 Helpful
4 Replies 4

Flavio Miranda
VIP
VIP

ā€Ž06-15-2023 11:54 AM - edited ā€Ž06-15-2023 11:59 AM

Hi

 I dont follow you on this NAT

ip nat inside source static 192.168.1.3 10.0.0.3

 

 Why are you natting a local IP address to an IP address that does not exist any where?

 

All you need to do is change  your DNS entry and translate www.site.com to 192.168.1.3

 

NAT_v2.zip
0 Helpful

WMasla
Level 1
Level 1
In response to Flavio Miranda

ā€Ž06-15-2023 12:44 PM

Hi,

The problem is that when we add somewhere another network with address 192.168.1.0/24 we can get another host with ip address 192.168.1.3. That's why we have to use NAT.

As to why an I using address 10.0.0.3, it is because we can ping the server from the outside using that address. We reach Router2, where the destination address gets translated and the packet reaches our web server.

This may be over the top, but the main reason is that we cannot use address 192.168.1.3 in DNS entry due to the possibility of having another network having another host with the address 192.168.1.3.

0 Helpful

Flavio Miranda
VIP
VIP
In response to WMasla

ā€Ž06-15-2023 01:27 PM

I got it now.

  What you are trying to do is possible with real device (some of them) and they call it NAT Hair Pinning.  But, the way they implement it is not possible to simulate on the PacketTracer.

https://community.cisco.com/t5/routing/nat-hairpinning/td-p/2475807 

 On the PacketTracer you could use another interface on the router but it would require to put the server in a different network from the PC0

 

 

0 Helpful

Flavio Miranda
VIP
VIP
In response to WMasla

ā€Ž06-15-2023 06:19 PM

Hi

 I end up managing  to create a topology with NAT and two overlaping network 192.168.1.0/24 where you are going to have 2 servers with IP address 192.168.1.3. However, Server0 is only recheable through the NAT ip address 10.0.0.3 from the both sides of the topology and the other server is recheable using the original IP 192.168.1.3. You can also create a NAT for the second server and then do not use 192.168.1.3 from anywhere.

 I will share the file here so  you can test

NAT_v3.zip
0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card